A Canonical 1 Locally Named Representation of Binding. α -equivalence is identity. Randy Pollack. Masahiko Sato. LFCS, University of Edinburgh

Transcription

1 A Canonical 1 Locally Named Representation of Binding Randy Pollack LFCS, University of Edinburgh Masahiko Sato Graduate School of Informatics, Kyoto University Version of September 3, α -equivalence is identity

2 Details of This Work Isabelle theory files: Full paper on previous work (to appear in J. Symbolic Computation): Workshop paper on current work: See my web page for these slides and above papers

3 Outline Introduction: Local Representations Symbolic Expressions (sexpr) Variable-Closed Sexprs A Canonical Representation Adequacy of the Representation Examples Conclusion

4 Introduction: Local Representations Outline Introduction: Local Representations Symbolic Expressions (sexpr) Variable-Closed Sexprs A Canonical Representation Adequacy of the Representation Examples Conclusion

5 Introduction: Local Representations Local Representations Syntactically distinct classes for (locally) bound variables vs (globally bound) free parameters. Different styles: Locally named: two species of names; name-carrying abstraction. McKinna/Pollack [TLCA 1993] formalized Pure Type System metatheory. Not canonical representation. Locally nameless: names for parameters, de Bruijn indices for locally bound variables. Ademir, Chargueraud, Pierce, Pollack and Weirich [POPL 08]. Canonical representation. This talk: make locally named representation canonical and do it abstractly.

6 Introduction: Local Representations Why Local Representations? They are concrete: Close to informal usage. Anything true can be proved. Relatively light infrastructure (compared to Twelf or nominal Isabelle). Can be used in intensional constructive logics (e.g. Coq). Technically convenient: Correct terms are an inductively defined subset of a datatype. Constructors (incl. abstraction) are injective. Straightforward definitions by primitive recursion. Natural inversion principles.

7 Introduction: Local Representations Why Locally Named Representation? Here I get onto religious ground. Locally nameless still has de Bruijn infelicity: Induction hypotheses have to be generalized. Technical issues such as opening an abstraction more complicated. Locally named is more beautiful than locally nameless.

8 Introduction: Local Representations Strengthened Induction and Inversion Necessary McKinna/Pollack [TLCA 93] [JAR 1999]. Ademir, Chargueraud, Pierce, Pollack and Weirich [POPL 08] Urban and Pollack [WMM 07] Strong Induction Principles in the Locally Nameless Representation of Binders. In this talk I ignore this issue: see above papers

9 Introduction: Local Representations We Will show: A canonical, locally named representation refining the representation of McKinna/Pollack (1993) in substitution preserving isomorphism with nominal terms. The canonical choice of binding names is interesting and abstract.

10 Symbolic Expressions (sexpr) Outline Introduction: Local Representations Symbolic Expressions (sexpr) Variable-Closed Sexprs A Canonical Representation Adequacy of the Representation Examples Conclusion

11 Symbolic Expressions (sexpr) Syntax of pre-terms Names: Countable set V of atoms used for local variables: x, y, z. Countable set X of atoms, used for global parameters: X, Y, Z. Only relation needed on V, X is decidable equality. Nominal Isabelle atom types are convenient. Symbolic Expressions ( S ): Datatype of pre-terms (pure λ ) ranged over by M, N, P, Q : M ::= x X P Q [x]m Usual induction principles for this datatype. Name-carrying syntax. In general, may be other classes of variables, parameters and expressions e.g. types and terms in System F.

12 Symbolic Expressions (sexpr) Occurrences of Names Occurrences of global names (parameters) X A means X does not occur syntactically in A. Easily defined by structural recursion In nominal Isabelle, our corresponds to nominal freshness (also written ). Free occurrences of Local Variables (LV) Defined by structural recursion. Respects intended scoping of abstraction. LV(X) LV(x) LV(M N) LV([x]M) = {} = {x} = LV(M) LV(N) = LV(M) {x}

13 Symbolic Expressions (sexpr) Substitution, Concretely Concretely defined by structural recursion: [M/X]x = x [M/X]Y = if X = Y then M else Y [M/X]N N = ([M/X]N) [M/X]N [M/X]([x]N) = [x][m/x]n Deterministic: no choosing arbitrary names. Thus has natural properties; e.g. [X/X]M = M. X M = [P/X]M = M. Does not prevent capture, e.g. [x/x][x]x = [x]x. Will only be use in safe ways. Substitution is a B-algebra homomorophism; see Pollack and Sato (J. Symb. Comp.).

14 Symbolic Expressions (sexpr) Not Substitution: a purely technical operation Used to fill a hole (free variable) created by going under a binder. Defined by structural recursion: [M/y]x = if y = x then M else x [M/y]X = X [M/y]([x]N) = [x](if y = x then N else [M/y]N) [M/y]N 1 N 2 = ([M/y]N 1 ) [M/y]N 2 Respects intended scope of binding. Does not prevent capture, e.g. [x/y][x]y = [x]x. Not a B-algebra homomorophism.

15 Outline Introduction: Local Representations Symbolic Expressions (sexpr) Variable-Closed Sexprs A Canonical Representation Adequacy of the Representation Examples Conclusion

16 Overview: Symbolic expressions vs λ -terms Sexprs do not faithfully represent λ -terms for two reasons. 1. Local variables may appear unbound in sexprs. x is an sexpr, but is not intended to represent any λ -term. Remark: X is an sexpr representing a λ -term with one (particular) global variable. The fix: select the set of sexprs with no unbound local variables. Call this subset vclosed for variable closed. Substitution is well-behaved on vclosed. 2. Different sexprs in vclosed may represent the same λ -term. [x]x and [y]y ; not canonical. The fix: select a canonical subset of vclosed. Show that it is an adequate representation of λ -terms.

17 Overview: Symbolic expressions vs λ -terms Sexprs do not faithfully represent λ -terms for two reasons. 1. Local variables may appear unbound in sexprs. x is an sexpr, but is not intended to represent any λ -term. Remark: X is an sexpr representing a λ -term with one (particular) global variable. The fix: select the set of sexprs with no unbound local variables. Call this subset vclosed for variable closed. Substitution is well-behaved on vclosed. 2. Different sexprs in vclosed may represent the same λ -term. [x]x and [y]y ; not canonical. The fix: select a canonical subset of vclosed. Show that it is an adequate representation of λ -terms.

18 Overview: Symbolic expressions vs λ -terms Sexprs do not faithfully represent λ -terms for two reasons. 1. Local variables may appear unbound in sexprs. x is an sexpr, but is not intended to represent any λ -term. Remark: X is an sexpr representing a λ -term with one (particular) global variable. The fix: select the set of sexprs with no unbound local variables. Call this subset vclosed for variable closed. Substitution is well-behaved on vclosed. 2. Different sexprs in vclosed may represent the same λ -term. [x]x and [y]y ; not canonical. The fix: select a canonical subset of vclosed. Show that it is an adequate representation of λ -terms.

19 Overview: Symbolic expressions vs λ -terms Sexprs do not faithfully represent λ -terms for two reasons. 1. Local variables may appear unbound in sexprs. x is an sexpr, but is not intended to represent any λ -term. Remark: X is an sexpr representing a λ -term with one (particular) global variable. The fix: select the set of sexprs with no unbound local variables. Call this subset vclosed for variable closed. Substitution is well-behaved on vclosed. 2. Different sexprs in vclosed may represent the same λ -term. [x]x and [y]y ; not canonical. The fix: select a canonical subset of vclosed. Show that it is an adequate representation of λ -terms.

20 Variable-Closed Sexprs Variable-Closed Sexprs A predicate meaning no free variables. vclosed X vclosed M vclosed N vclosed M N vclosed M vclosed [x][x/x]m An abstraction is vclosed when.... Every parameter is vclosed and no variable is vclosed. vclosed M is provably equivalent to LV(M) = {}. Thus vclosed is intuitively correct. Use vclosed induction instead of sexpr structural induction no case for unbound variables.

21 Variable-Closed Sexprs Variable-Closed and Substitution Operations [M/X]N and [M/x]N are capture free on vclosed. vclosed is trivially closed under substitution: vclosed M vclosed N = vclosed [M/X]N Think of vclosed as a weak typing judgement. vclosed terms behave well for substitution, just as well-typed terms behave well for computation. Remark: The vclosed representation has been used for a big formalisation of type theory [McKinna/Pollack, TLCA 93]. Remember: vclosed representation not canonical.

22 A Canonical Representation A Canonical Representation Consider again the vclosed rules: vclosed X vclosed M vclosed N vclosed M N vclosed M vclosed [x][x/x]m Local variable x not determined in the rule for abstraction. To define a canonical subset L F, choose x deterministically: X : L F M : L F N : L F M N : L F M : L F x = F X (M) [x][x/x]m : L F parameterized by a height function F : X S V. Clearly M : L F = vclosed M, so substitution is capture free. Not obvious that L F is closed under substitution. Still to do: specify F such that L F well behaved.

23 A Canonical Representation Notation Define abs X (M) = [F X (M)][F X (M)/X]M. Abstraction rule can now be written more abstractly. X : L F M : L F N : L F M N : L F M : L F abs X (M) : L F Everything is now parameterised by a height function F, so drop the explicit subscript.

24 A Canonical Representation A Good Height Function Interpret V as N. H : X S N defined by structural recursion: H X (Y ) H X (x) H X (M N) H X ([x]m) = = 0 { 1 if X = Y 0 if X Y = { max(h X (M), H X (N)) HX (M) if H X (M) = 0 or H X (M) > x x + 1 otherwise = L H is isomorphic to nominal lambda terms. This is too concrete; what properties are really needed?

25 A Canonical Representation Three Properties of Good F : X S V (HE) F is equivariant: (HP) F is preserved by substitution: M : L = F X (M) = F [π]x ([π]m). M : L Q : L X Y X Q = F X (M) = F X ([Q/Y ]M). (HF) F X (M) does not occur in binding position on any path from the root of M to any occurrence of X in M. M : L = F X (M) / E X (M) where E X (M) : X S (V set) is defined: E X (α) E X (M N) E X ([x]m) = {} if α is atomic = E{ X (M) E X (N) {} if X M = {x} E X (M) otherwise

26 A Canonical Representation Consistency and Independence of Goodness (HE), (HP) and (HF) are consistent: H is good. (HE), (HP) and (HF) are independent: no two imply the third. Proof by examples Now develop a theory of good F sufficient to prove adequacy of the representation. Many interesting properties follow from goodness of F : L is equivariant: M : L [π]m : L Height lemma: F X (M) / LV(M) = N : L. [N/F X (M)][F X (M)/X]M = [N/X]M. See most recent paper on my webpage.

27 Adequacy of the Representation Outline Introduction: Local Representations Symbolic Expressions (sexpr) Variable-Closed Sexprs A Canonical Representation Adequacy of the Representation Examples Conclusion

28 Adequacy of the Representation Isomorphism with Nominal Done formally in Isabelle. A, B, C range over nominal terms. Define a representation function by primitive recursion :!X = X!(A B) =!A!B![X]A = abs X (!A) Need (HE) ( F equivariant), to show! is a function. Assuming F is good,! is an isomorphic function that preserves substitution: M : L = A.!A = M! is surjective,!a =!B = A = B! is injective,!(a[x::=b]) = [!B/X]!A! respects substitution.

29 Adequacy of the Representation A Converse: Is Goodness of F Required? In this direction we assume! is a substitution preserving isomorphism and have to prove F is good. Still working on this.

30 Examples Outline Introduction: Local Representations Symbolic Expressions (sexpr) Variable-Closed Sexprs A Canonical Representation Adequacy of the Representation Examples Conclusion

31 Examples Example: β -reduction [x]p : L N : L ([x]p) N [N/x]P M 1 M 2 N : L M 1 N M 2 N M N abs X (M) abs X (N) (β) M : L N 1 N 2 M N 1 M N 2 (ξ) Note rule (ξ)! High level notation abs _ (_) hides details. is well behaved, e.g. is equivariant. M N implies M : L and N : L.

32 Examples Example: Simple Type Assignment Let S, T range over simple types. A type context, Γ, is a set of pairs (X, T ) such that no two different pairs have the same first component. (X, T ) Γ Γ X : T Type assignment is equivariant. Γ M : S T Γ M N : T Γ (X, S) M : T Γ abs X (M) : S T Γ M : S Γ M : T = M : L. To prove weakening of we must derive a strengthened induction principle, as usual. Nominal Isabelle can do this automatically.

33 Conclusion Outline Introduction: Local Representations Symbolic Expressions (sexpr) Variable-Closed Sexprs A Canonical Representation Adequacy of the Representation Examples Conclusion

34 Conclusion Conclusion Canonical name-carrying representation of binding. Well formed terms: inductively defined subset of a datatype. All definitions by structural recursion. All constructors injective. More beautiful than [McKinna/Pollack, TLCA 93] ours is canonical. More beautiful than locally nameless [Ayedemir et al., POPL 08]... name carrying, no indexes. Light infrastructure. Formalisable in intensional constructive logic in a few days. Large scale use still requires infrastructure. Nominal Isabelle package provides some free automation.